Is hacking really a risk?

Question

This may sound like a stupid question but,

If I turned off our Firewall and gave unrestricted access at the TCP/IP level to our corporate network. What is the risk? Could someone really compromise system security IE: Passwords and steal data just by having TCP/IP access? How would they do it?

OK. Let me add some detail here. I am fighting to get what I belive is a securtiy hole here closed. If exploited it would give the person full TCP/IP access to our corparte network. But I am being asked "How could this be a risk? How could people steal client data with only TCP/IP access?". I know it is. You know it is. But how can I explane the risk?

Answer 1

Yes they could hack their way in without passwords. There are many hacking methods that work very well, but most require you to do something like open emails or visit a website. Any execuable code can be compromised and potentially take over your computer, that includes HTML code and email attachments.

Answer 2

I put up a Linux computer with no firewall but strong passwords. While they could not crack my password, I got 6 thousand hacking attempts in the first day.

I would not try this with a Microsoft OS.

Details:

I had one user account and allowed no root login. The user name and password were both cryptic. This computer was attached to a .org domain name. The attackers went through a list of names for user accounts that was very long. The attacks persisted for several weeks before it began to drop. The attacks were mostly from China, Eastern Europe and South America. Also my own US government.

Answer 3

Yes. For experience supporting a site with over 1500 computers, when I am install a new computer, I have to make sure the firewall is one BEFORE I connect it to our network for the first time. Last time I forgot, it take less then 30 seconds for the computer to be infect with viruses and attacked by over a dozen people atempting to hack it.

Answer 4

If this is your business then hopefully the Internet Hackers have gained access to your system and even now are ruining you.

If this is somewhere you work then hopefully a Lab Mouse with higher intelligence than you, reactivated the firewall before too much damage was done and you will be fired.


The question you asked isn't stupid BUT your actions were stupid to the point of criminal!

Answer 5

Hell yes!! I just had a class in computers and they showed a video about hacking. It scared us. You don't realize how easy it is to get into another person's computer. I don't know how to do it. Also, if there really were not any "serious" risks out there, then why would there be so much security options for us? Don't do it.

Answer 6

I asked our IT guy that question and he said if you turn off the firewall you'll be hacked within twenty minutes these days.

There's always a few thousand crooks and geeks running port scanners; they will spot that your firewall is down on one of their regular sweeps, and will get to work. They might run a password guesser or they might look for particular ports with different vulnerabilities.

So don't!

Answer 7

ID Fraud is actually the biggest threat not only for computer and business users but for our children whose government numbers like SSN or Canada SSN can be stolen and used 20 years before the parents find out

Spam, e-mail trickery, phishing and websites like my space lure young children into an adult world

Answer 8

An unprotected computer gets hacking within 40 mins.

Answer 9

OMG - you're joking - right? Do you happen to be the network admin for TJMaxx? If you are - that explains how someone got all of their customers credit card numbers out of the database!

Answer 10

Yes!